In the past decade, our home computing environments have multiplied in complexity. While in the past, you might just have a laptop and a Wi-Fi router, today the number of devices on the typical network has exploded. Phones, tablets, baby monitors, video streaming devices, security cameras, smart televisions, smart speakers, and smart light bulbs are all common features of a modern smart home.
And while the rise of the smart home has given us access to new capabilities that were unimaginable in the past, it has also presented a considerable security challenge—hackers now have many possible entry points to gain access to your network and data. If each device you own has a small chance of being hacked, the cumulative probability that you’ll eventually be hacked rises with each device you own.
We decided to analyze data from Priceonomics customer Avast, the antivirus company. Avast is able to analyze Wi-Fi networks for vulnerabilities using their product Avast Wi-Fi Inspector. With the users’ permission, we analyzed 16 million household Wi-Fi networks around the world to see how common smart device vulnerability was and which countries have the highest (and lowest) rates of security vulnerabilities at home. For the purpose of a global smart home report, we focused on 21 countries in North and South America, Europe, and the Asia Pacific region (data is from September 2018).
We found that globally, 40.8% of homes have at least one vulnerable smart device on their network. Out of the countries we took a closer look at, the country with the highest rate of security vulnerabilities is India, where 52.4% of homes have a vulnerable device on their network. The country with the safest home networks is Germany, where the vulnerability rate is 16.7%. Of the smart devices we examined, Network-Attached Storage devices (smart hard-drives) have the highest vulnerability rate (34.1%) and gaming consoles have the lowest (0.1%).
Before diving into the results, it’s worth spending a moment on the data set and methodology. The results are from 16 million anonymized households in 21 countries that provided consent to have their home networks analyzed for device vulnerabilities. In this article, we focus on smart device vulnerability, so we are excluding computers, smart phones, and routers in order to focus on emerging Internet of Things (IoT) devices.
To start, globally 40.8% of the homes analyzed have at least one device with a vulnerability.
What does it mean, however, for a device to be vulnerable? There are two major types of vulnerabilities. First, a device might be “unpatched”, which is to say its firmware hasn’t been updated to fix a known security issue. Second, however, it might just have a weak password. The user may not have updated the device’s default password, could be re-using passwords among services, or could have chosen one that is simple enough to be cracked.
The following chart breaks out how common each of these two vulnerabilities are:
Data source: Avast
As it turns out, weak passwords drive twice as many security vulnerabilities as unpatched devices! 31.4% of vulnerabilities detected in our scans were due to unpatched devices, while weak credentials were the cause of 69.2% of issues (note: this adds up to more than 100% because some devices have both issues).
Before you throw out all of your smart home devices, it’s worth considering a couple of things. First, practicing proper password hygiene can go a long way to securing your devices from hackers. Second, the vulnerability rate on most devices is relatively low, but people have many devices so there are a lot of entry points for hackers to compromise your smart home network.
Depending on the device, the vulnerability rate can be quite low (or quite high). The next chart shows the percentage of common device categories that have vulnerabilities.
Data source: Avast
By a significant margin, Network-Attached Storage (NAS) devices have the highest vulnerability rates among smart home devices, with 34.1% percent susceptible to hackers. Rounding out the top three most vulnerable devices are Network Nodes (Wi-Fi extensions, switches, hubs, etc.) and Security Cameras. On the other hand, Gaming consoles have the lowest vulnerability rate of just 0.1%, followed by tablets and smart TVs.
The 16 million home networks we analyzed were spread out across 21 different countries. With several hundred thousand data points per country, we set out to examine which countries had users with the most (and least) secure networks.
The chart below shows the top 5 countries with the most vulnerable Wi-Fi networks in the first column and the top 5 countries with the least vulnerable (most secure) networks.
Data source: Avast
Across the globe, users in India had the most vulnerabilities within their home networks, with 52.4% of networks having an exploitable opportunity. According to the Avast Smart Home Security Report, 45.6% of the vulnerabilities in Indian networks are due to Security Cameras, followed by 29.9% related to printers.
Germany has the most secure smart home networks out of the countries we checked, with a vulnerability rate of just 16.7%, nearly three times lower than in India. In Germany, security issues are much more rare, but if they do occur, Network Nodes (e.g. hubs, switches, Wi-Fi extenders) are the culprit 31.2% of the time. South Korea has the second most secure networks, followed by Portugal.
Where does your country rank in terms of smart home network security? The next chart shows all 21 countries in our report, ranked from most vulnerabilities to least.
Data source: Avast
The United States places firmly in the middle of the pack, ranking as the 11th least secure country for home networks. In the United States, 35.2% of personal Wi-Fi networks have a device that is either unpatched or has weak credentials, which is slightly better than the global average of 40.8%. In the United States, printers make up 43.8% of the vulnerabilities that were detected. Smart printers are relatively common in US households and also have a substantial vulnerability rate of 7.5%.
The security of your smart home is only as good as your weakest device. Depending on how your network is set up, hackers can gain access to one device on your network and use that to gain access to others. This is not necessarily a huge challenge for hackers since many devices are known to have security flaws and users are sometimes lax about updating device software. Not only that but the practice of using weak passwords or reusing passwords across services and devices means that hackers can sometimes crack your password.
Across the globe, 40.8% of home networks have at least one vulnerability. People in Germany have the safest home networks while people in India have the highest rate of vulnerabilities. NAS devices, Network Nodes, Security Cameras, DVRs, and Printers all have substantial vulnerability rates. On the other hand, among TVs and Gaming Consoles, security issues are rarely detected.
And while security issues abound with the rise of smart home devices, remember this -- you can go a long way to keeping hackers out of your home network just by practicing proper password management and by making sure your devices are all running the latest version of software.